Starting OVS Controller with SSL inside Mininet
May 3, 2014 3 Comments
To continue with my previous post about using SSL, I thought I would pass along another alternative way to start the test OVS Controller. In the other post, we start the ovs-controller manually and set the Mininet script to use a RemoteController. But if you want to start the ovs-controller from your script, we just replace the RemoteController with OVSController and also pass in the parameters to start the controller listening on SSL. Below is the same script as my last post but with the changes I just mentioned.
#!/usr/bin/python from mininet.net import Mininet from mininet.node import Controller, RemoteController, OVSController from mininet.cli import CLI from mininet.log import setLogLevel, info def emptyNet(): net = Mininet( controller=OVSController) net.addController( 'c0', cargs='-v pssl:%d -p /etc/openvswitch/ctl-privkey.pem \ -c /etc/openvswitch/ctl-cert.pem \ -C /var/lib/openvswitch/pki/switchca/cacert.pem' ) h1 = net.addHost( 'h1' ) h2 = net.addHost( 'h2' ) s1 = net.addSwitch( 's1' ) net.addLink( h1, s1 ) net.addLink( h2, s1 ) net.start() s1.cmd('ovs-vsctl set-controller s1 ssl:127.0.0.1:6633') net.pingAll() CLI( net ) net.stop() if __name__ == '__main__': setLogLevel( 'info' ) emptyNet()
This post ‘Starting OVS Controller with SSL inside Mininet’ first appeared on https://gregorygee.wordpress.com/.
I tried your script…there is 100% packet drop…any idea why?
What version of OVS are you running? Open vSwitch eventually stopped shipping the ovs-controller and replaced it with a different name. Can you check that the controller started? Were you able to do this same SSL test by starting the controller manually as described in the previous post, https://techandtrains.com/2014/04/27/open-vswitch-with-ssl-and-mininet/ ?
hi, i also tried establishing SSL as per your older post…but the error i get is close the controller at :6633. Although there is only 1 instance of OVSController running on the setup with the Mininet.Can you please help?